From owner-p4-projects@FreeBSD.ORG Sat Jan 21 13:06:24 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 6B9E016A422; Sat, 21 Jan 2006 13:06:24 +0000 (GMT) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 29A0D16A41F for ; Sat, 21 Jan 2006 13:06:24 +0000 (GMT) (envelope-from gnn@neville-neil.com) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id E78F843D46 for ; Sat, 21 Jan 2006 13:06:23 +0000 (GMT) (envelope-from gnn@neville-neil.com) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id k0LD6Num080142 for ; Sat, 21 Jan 2006 13:06:23 GMT (envelope-from gnn@neville-neil.com) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id k0LD6NoD080139 for perforce@freebsd.org; Sat, 21 Jan 2006 13:06:23 GMT (envelope-from gnn@neville-neil.com) Date: Sat, 21 Jan 2006 13:06:23 GMT Message-Id: <200601211306.k0LD6NoD080139@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to gnn@neville-neil.com using -f 
From: "George V. Neville-Neil" To: Perforce Change Reviews Cc: Subject: PERFORCE change 90069 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jan 2006 13:06:25 -0000 http://perforce.freebsd.org/chv.cgi?CH=90069 Change 90069 by gnn@gnn_tahi_fast_ipsec on 2006/01/21 13:06:06 Fix pointer arithmetic so that we actually put the key in the database and not random garbage. First working version with new structures. Affected files ... .. //depot/projects/gnn_fast_ipsec/src/sys/netipsec/key.c#3 edit Differences ... ==== //depot/projects/gnn_fast_ipsec/src/sys/netipsec/key.c#3 (text+ko) ==== @@ -2799,10 +2799,14 @@ bzero(sav->key_enc->key_data, _KEYLEN(sav->key_enc)); } if (sav->key_auth != NULL) { + if (sav->key_auth->key_data != NULL) + free(sav->key_auth->key_data, M_IPSEC_MISC); free(sav->key_auth, M_IPSEC_MISC); sav->key_auth = NULL; } if (sav->key_enc != NULL) { + if (sav->key_enc->key_data != NULL) + free(sav->key_enc->key_data, M_IPSEC_MISC); free(sav->key_enc, M_IPSEC_MISC); sav->key_enc = NULL; } @@ -3070,7 +3074,6 @@ } switch (mhp->msg->sadb_msg_satype) { case SADB_SATYPE_ESP: - /* XXX FIX ME */ if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) && sav->alg_enc != SADB_EALG_NULL) { error = EINVAL; 
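Review bot: In the hunk at -2799, the two new `free(...->key_data, M_IPSEC_MISC)` calls hand key material back to the allocator, and the only scrubbing visible is the context line `bzero(sav->key_enc->key_data, _KEYLEN(sav->key_enc));`. Whether `sav->key_auth->key_data` is zeroed the same way is decided above the hunk and should be confirmed, since the key bytes now live in a separate allocation. The added NULL tests also imply `key_data` can be NULL while the key struct is not, in which case that `bzero` needs the same guard. If both hold, a short comment on each new free, such as `/* key_data was zeroed above; release it before its owner */`, would record the ordering. The function starts and ends outside this hunk.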
@@ -3620,18 +3623,14 @@ key_dup_keymsg(const struct sadb_key *src, u_int len, struct malloc_type *type) { - struct seckey *dst = NULL; + struct seckey *dst; dst = (struct seckey *)malloc(sizeof(struct seckey), type, M_NOWAIT); if (dst != NULL) { dst->bits = src->sadb_key_bits; dst->key_data = (char *)malloc(len, type, M_NOWAIT); if (dst->key_data != NULL) { - bcopy(src + sizeof(struct sadb_key), + bcopy((const char *)src + sizeof(struct sadb_key), dst->key_data, len); - ipseclog((LOG_DEBUG, "%s: source bits %p\n", __func__, - src + sizeof(struct sadb_key))); - ipseclog((LOG_DEBUG, "%s: dst bits %p\n", __func__, - dst->key_data)); } else { ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__)); @@ -7265,12 +7264,25 @@ return m; } +/* + * Take one of the kernel's security keys and convert it into a PF_KEY + * structure within an mbuf, suitable for sending up to a waiting + * application in user land. + * + * IN: + * src: A pointer to a kernel security key. + * exttype: Which type of key this is. Refer to the PF_KEY data structures. + * OUT: + * a valid mbuf or NULL indicating an error + * + */ + static struct mbuf * key_setkey(struct seckey *src, u_int16_t exttype) { struct mbuf *m; struct sadb_key *p; - int len = PFKEY_ALIGN8(sizeof(struct sadb_key)); + int len = PFKEY_ALIGN8(sizeof(struct sadb_key) + _KEYLEN(src)); if (src == NULL) return NULL; 
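Review bot: In the -3620 hunk, `key_dup_keymsg` sizes `dst->key_data` from the caller's `len` but records `dst->bits` from `src->sadb_key_bits` without comparing the two, while the later hunks copy `_KEYLEN(src)` bytes out of `key_data`. If `_KEYLEN` is derived from `bits` (its definition is not in this diff), a message whose bit count is larger than `len` allows would make those later copies read past the allocation. Unless the caller already enforces this, a check before the first malloc, for example `if (len < (src->sadb_key_bits >> 3)) return NULL;`, would keep the two lengths consistent. The function continues outside the hunk.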
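Review bot: In the -7265 hunk, the new initializer `int len = PFKEY_ALIGN8(sizeof(struct sadb_key) + _KEYLEN(src));` evaluates `_KEYLEN(src)` before the `if (src == NULL) return NULL;` test that follows the declarations. If the macro dereferences `src`, as its use on `sav->key_enc` elsewhere in this diff suggests, the NULL check no longer protects anything. Declare `int len;` and assign it after the check with `len = PFKEY_ALIGN8(sizeof(struct sadb_key) + _KEYLEN(src));`. The body of `key_setkey` continues past the end of this hunk.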
@@ -7285,11 +7297,25 @@ p->sadb_key_bits = src->bits; ipseclog((LOG_DEBUG, "%s: setting key data %s\n", __func__, src->key_data)); - bcopy(src->key_data, _KEYBUF(p), len); + bcopy(src->key_data, _KEYBUF(p), _KEYLEN(src)); return m; } +/* + * Take one of the kernel's lifetime data structures and convert it + * into a PF_KEY structure within an mbuf, suitable for sending up to + * a waiting application in user land. + * + * IN: + * src: A pointer to a kernel lifetime structure. + * exttype: Which type of lifetime this is. Refer to the PF_KEY + * data structures for more information. + * OUT: + * a valid mbuf or NULL indicating an error + * + */ + static struct mbuf * key_setlifetime(struct seclifetime *src, u_int16_t exttype) {
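Review bot: The context line `ipseclog((LOG_DEBUG, "%s: setting key data %s\n", __func__, src->key_data));` in the -7285 hunk is left in place, so raw key bytes still go to the debug log. It also formats a binary buffer with `%s`, which reads until a NUL byte rather than for `_KEYLEN(src)` bytes. The commit removes the comparable debug calls from `key_dup_keymsg`, so this one looks like an oversight; I would drop it or log only the key length. Separately, the mbuf length is now `PFKEY_ALIGN8(...)` while only `_KEYLEN(src)` bytes are copied, so any alignment padding should be zeroed before the message goes to userland unless the allocation code outside the hunk already does that. `key_setkey` starts before this hunk.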